Why am I getting so many viruses/malware?

hedron

It seems like in the past week or so I've gotten a few viruses/malware, when I haven't gotten any in years. I'm just wondering if there was maybe like a recent outbreak of them or something? Or maybe I've just become complacent on security?

I use MSE for my malware/virus remover/detector. Occasionally I'll run Trend Micro's House Call, but that's about it.
 
Need more info.

OS, Browser? Browsing Habits?

Although MSE is a good start for Windows 7, it DNE for Windows 8, merged with Windows Defender, which is garbage IMHO.
Here is what I do, and I recommend:

-Latest OS patches/Updates for Windows 7/8/8.1
This is kinda obvious...

-A good AV
This is a heated subject, but I use Avira; it's quite light and fast. Lots of false positives as far as I can tell but I don't mind being too cautious. Kaspersky, Norton, AVG etc are fine too, but I'll probably get flamed for mentioning ANY AV. NOT a fan of Trend or McAfee though.

-MalwareBytes AntiMalware
The free version is awesome, the PAID version in conjunction with an AV is AMAZING. Automatic malware scanning and blocking and automatic malicious website blocking. There is also a rootkit scanner in the version above that. 95% of stuff gets caught by this glorious program.

-Set your DNS to OpenDNS
Is this even a thing to mention? OpenDNS blocks the worst of the worst from even getting to you by blocking the query from even reaching you.

I have them memorized and set them as my DNS on all routers and customer computers

Cisco just bought them so I hope they don't change the free service, or I'll have shot myself in the foot :)

208.67.220.220
208.67.222.222

-Good, Updated Browser with something like AdBlock

Latest Chrome with AdBlock/ABP/the other one I forgot. This is pretty simple.

-Browsing/Usage Habits

If you browse a lot of shady sites, cut down on it. Be careful what you download, especially if it comes in a compressed file or is only an executable. Need to do it anyway? Use a VM and install/unzip/run the files you get from shady sources like Torrents and USENET. And browse your shady sites in the VM too.

Also I read somewhere that you'll get more drive-by malware from small personal and community run websites than you ever will browsing VERY popular porn sites *wink* Porn sites WANT you to come back for Ad Revenue and are usually also on point with their security and are run by VERY tech savvy people.

Shady Free TV sites are the NUMBER ONE way to get infected with malware. They pop up overnight, deluge you with ANY advertiser that will pay and get shut down until another one comes up. THIS IS WHERE YOU WILL GET SOMETHING. Just get Netflix, or Hulu. Or even Torrenting your files is safer. By a long shot. Just stop using them. The number of times I get angry parents with teens and their malware-infected computers coming in is insane. There is usually a link to ProjectFreeTV somewhere. I tell them to just pay for a Netflix sub, it'll cost less in the long run.

Don't rely on ISP or self hosted email. Use a service like Gmail, they have their SPAM and virus checking on point. Most local or small ISPs don't. Try not to use an Email client, who still even uses one of those?

BONUS
If you're really [H]ard, you already have....

pfSense/Sophos/Untangle/Other Free or Paid UTM gateway/FW


How it ties together
This works amazing for my main computer. If I accidentally (or not) go to a malicious website that is known (to either OpenDNS, the UTM or Malwarebytes) it gets stopped right then and there. All annoyances get blocked by Adblock, so rarely do I click on an ad that I can't see. If I happen to download and execute a file that relies on an exploit, I know that my browser is Up To Date and so is my OS, but who cares since I run shady things in a VM that I just revert. Avira and MWB both monitor startup and registry changes, and Avira is usually very German about things (super efficient that is ;) ) and throws up warnings about every little file that does anything. No worries.
 
I run the Microsoft stuff MSE/Defender/etc + Malwarebytes (got the lifetime license), FF browser + Noscript, Adblock & Ghostery. Keep up to date on patches.

Also have a real firewall that allows rules for both inbound and outbound traffic. The default rules block all traffic both ways so the only traffic is stuff I have added a rule for. Also do occasional checks of the default rule log files to see what got blocked and when. It is really amazing how many sites, games and business programs assume that all outbound traffic is allowed by default on customers' networks.

If on Windows, run msconfig (Win 7) and check out all of the stuff that starts when your machine boots. Be skeptical of anything that is an auto updater, download manager or 'experience improver'.
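
The log review described in the post above, as an added example that is not part of the original post. It assumes the firewall writes the Windows Firewall `pfirewall.log` text layout (the post does not name its firewall); the log lines and addresses are constructed.

```python
from collections import Counter

# Constructed sample in the Windows Firewall pfirewall.log layout (an assumption;
# the post does not say which firewall is used). Addresses are documentation ranges.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2015-07-06 09:14:02 DROP TCP 192.168.1.20 203.0.113.7 49712 443 0 - 0 0 0 - - - SEND
2015-07-06 09:14:05 DROP TCP 192.168.1.20 203.0.113.7 49713 443 0 - 0 0 0 - - - SEND
2015-07-06 09:15:40 ALLOW UDP 192.168.1.20 208.67.222.222 53011 53 0 - - - - - - - SEND
2015-07-06 09:16:11 DROP UDP 198.51.100.9 192.168.1.20 40000 1900 0 - - - - - - - RECEIVE
2015-07-06 09:20:33 DROP TCP 192.168.1.20 198.51.100.44 49720 8080 0 - 0 0 0 - - - SEND
truncated line DROP
"""


def parse_log(text):
    """Yield one dict per record, using the #Fields header for column names."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, parts))


def blocked_outbound(text):
    """Count dropped outbound attempts per (dst-ip, dst-port, protocol)."""
    hits = Counter()
    for rec in parse_log(text):
        # With default-deny outbound, each DROP/SEND is a program that tried
        # to reach out without a matching allow rule.
        if rec["action"] == "DROP" and rec["path"] == "SEND":
            hits[(rec["dst-ip"], rec["dst-port"], rec["protocol"])] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (ip, port, proto), n in blocked_outbound(SAMPLE_LOG):
        print(f"{n:3d}  {proto} {ip}:{port}")
```

Repeated drops to the same destination are the entries worth tracing back to a program before deciding whether to add a rule for it.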
 
MBAM used to be great...now it interferes with active protection AV suites IME.

I just use Vipre Internet Security (firewall, AV), combined with Privoxy to block ads.
 